GET STARTED
Quickstart Install Initialize Overview Config Analyze Scan Plan Migration Monitoring Attestation Risk Compatibility
001 — QUICKSTART

Get CipherNovaTM running in under 5 minutes.

Install the CipherNovaTM SDK, connect to your infrastructure, and start analyzing hosts for quantum vulnerabilities.

INSTALL
npm install @quantumgenie/ciphernova-sdk
INITIALIZE
import { CipherNova } from '@quantumgenie/ciphernova-sdk'

const qg = new CipherNova({
  apiKey: process.env.QUANTUMGENIE_API_KEY,
  mode: 'monitor'   // 'monitor' warns | 'enforce' blocks
})
ANALYZE A HOST
const analysis = await qg.analyze('example.com')

// analysis.tlsVersion        → 'TLSv1.3' | 'TLSv1.2' | ...
// analysis.cipherSuite       → active cipher suite name
// analysis.exposureLevel     → 'safe' | 'low' | 'moderate' | 'high' | 'critical'
// analysis.riskScore         → 0–1 based on real handshake data
// analysis.certAlgorithm     → RSA-2048 | ECDSA-P256 | ML-KEM-768 ...
// analysis.recommendation    → actionable next step
SCAN BEFORE CONNECTING
const result = await qg.scan('https://api.partner.com')

// result.safe         → boolean
// result.action       → 'allow' | 'warn' | 'block'
// result.riskScore    → aggregate risk
// result.details      → per-field breakdown
002 — AI INTEGRATION PATHS

Choose the integration path that fits your workflow.

QuantumGenie can plug into agent workflows through MCP, operational playbooks through Skills, and product or engineering systems through the CipherNovaTM SDK.

Use MCP when you want ChatGPT, Claude, Codex, or internal agents to call QuantumGenie directly for PQC discovery, repo inspection, and migration guidance inside conversational or agentic workflows.

Best For

Agent-native security workflows

Give AI systems structured access to TLS scans, repository findings, documentation context, and cryptographic remediation paths.

  • Website TLS scanning from inside chat or workflow agents
  • Repository and documentation inspection in the same flow
  • PQC migration answers grounded in current platform state
Typical Flow

Connect once, then let agents query securely

Point a compatible client at the QuantumGenie MCP endpoint and let your agent call tools instead of relying on screenshots or pasted reports.

// Example MCP client configuration
{
  "mcpServers": {
    "quantumgenie": {
      "url": "https://try.quantumgenie.ai/mcp/sse",
      "headers": {
        "Authorization": "Bearer YOUR_QUANTUMGENIE_TOKEN"
      }
    }
  }
}

Use Skills when you want guided remediation playbooks layered into coding agents or internal automation so teams can act on findings faster, not just view them.

Best For

Repeatable remediation playbooks

Package QuantumGenie knowledge into workflow steps your teams can reuse for code review, migration planning, and cryptographic inventory analysis.

  • Standardize how teams interpret PQC findings
  • Guide remediation sequencing for legacy crypto
  • Embed domain knowledge into internal agent workflows
Typical Flow

Pair QuantumGenie context with team-specific instructions

Teams define the actions an agent should take when a risk pattern appears, then reuse that playbook across repositories, services, and investigations.

# Example skill prompt shape
When QuantumGenie flags legacy crypto:
1. Summarize the affected asset and algorithm
2. Explain why the pattern is risky in a PQC migration context
3. Recommend a safer replacement path
4. Suggest the next operational step for the team

Use the SDK when you want product or engineering teams to scan hosts, gate risky connections, and plan migration work programmatically inside applications and services.

CipherNovaTM(config)
Initialize the SDK with your API key and policy settings.
interface QGConfig {
  apiKey:  string
  mode:    'monitor' | 'enforce'
  policy?: {
    maxRiskScore:       number   // Block/warn above this (default: 0.5)
    blockHighRisk:      boolean  // Auto-block high risk (default: false)
    alertThreshold:     number   // Monitor alert threshold (default: 0.6)
    onBlock?: (result: ScanResult) => void
    onWarn?:  (result: ScanResult) => void
  }
}
qg.analyze(hostname)
Performs a full TLS inspection of a host. Queries certificate details, cipher suite, protocol version, and computes a quantum risk score. 
interface HostAnalysis {
  hostname:        string
  tlsVersion:      string             // e.g. 'TLSv1.3'
  cipherSuite:     string             // e.g. 'TLS_AES_256_GCM_SHA384'
  certAlgorithm:   string             // e.g. 'RSA-2048', 'ECDSA-P256'
  certIssuer:      string
  certValidTo:     Date
  exposureLevel:   'safe' | 'low' | 'moderate' | 'high' | 'critical'
  riskScore:       number             // 0 (safe) to 1 (critical)
  riskLevel:       'safe' | 'low' | 'medium' | 'high' | 'critical'
  recommendation:  string
}
qg.scan(url)
Scans a URL before your application connects to it. In 'enforce' mode, high-risk connections are blocked before the handshake completes. 
interface ScanResult {
  safe:            boolean
  action:          'allow' | 'warn' | 'block'
  riskScore:       number
  riskLevel:       string
  details: {
    tlsVersion:    string
    cipherSuite:   string
    certAlgorithm: string
    pqcEnabled:    boolean
  }
  recommendation:  string
}
qg.planMigration(hostname)
Creates a migration plan to upgrade a host's cryptographic configuration to post-quantum standards. Does not execute — call qg.applyMigration() to run it. 
const plan = await qg.planMigration('legacy.example.com')

// plan.currentCipher         → current cipher suite
// plan.recommendedCipher     → suggested PQC cipher
// plan.estimatedEffort       → 'low' | 'medium' | 'high'
// plan.steps                 → ordered migration instructions
003 — MONITORING

Continuous Monitoring

Continuously monitor hosts for cryptographic risk changes. The monitor polls TLS handshake data on a configurable interval and fires alerts when a host's risk score crosses your threshold.

SETUP
const monitor = qg.createMonitor(
  ['api.example.com', 'auth.example.com'],
  (analysis) => {
    console.log(`Alert: ${analysis.hostname}`)
    console.log(`Risk:  ${analysis.riskScore}`)
    console.log(`Level: ${analysis.exposureLevel}`)
    console.log(analysis.recommendation)
  },
  60_000   // poll every 60 seconds
)

monitor.start()

// Add/remove hosts dynamically
monitor.addHost('new.example.com')
monitor.removeHost('old.example.com')

// Stop monitoring
monitor.stop()
004 — POST-QUANTUM ATTESTATION

PQC Attestation

Generate cryptographic proof that your services support quantum-resistant algorithms. This module provides off-chain attestation using ML-DSA (NIST FIPS 204). When your infrastructure adopts PQC natively, migration will be seamless.

GENERATE ML-DSA KEYPAIR
import { generatePQKeypair, createAttestation, verifyAttestation }
  from '@quantumgenie/ciphernova-sdk'

// Generate a NIST-standard ML-DSA-65 keypair
const pqKeys = await generatePQKeypair()

// pqKeys.publicKey  → Uint8Array (1952 bytes)
// pqKeys.secretKey  → Uint8Array (4032 bytes)
CREATE & VERIFY ATTESTATION
// Bind your service identity to a PQ key
const attestation = await createAttestation(
  'your-service-identifier',
  pqKeys.secretKey,
  pqKeys.publicKey
)

// Verify the binding
const valid = await verifyAttestation(attestation)
// valid → true
005 — RISK SCORING

Risk Scoring

QuantumGenie's risk score is based on real TLS handshake data, not simulation. Every host using classical key exchange (RSA, ECDH) is theoretically vulnerable to quantum attack via Shor's algorithm. The risk score quantifies how exposed a specific host is today.

WEIGHTED FACTORS
// TLS protocol version       (30%)
// TLS 1.0/1.1 = critical, TLS 1.2 = moderate, TLS 1.3 = lower

// Key exchange algorithm      (35%)
// RSA key exchange = high risk; ECDHE = moderate; ML-KEM = safe

// Certificate algorithm       (20%)
// RSA-2048 = vulnerable; ECDSA-P256 = moderate; ML-DSA = safe

// Certificate expiry          (15%)
// Expiring certs indicate outdated crypto hygiene
EXPOSURE LEVELS
Level Condition Risk Score
safe PQC cipher suite active (ML-KEM / X25519Kyber) 0.0 – 0.1
low TLS 1.3 with modern ECDHE, short-lived certs 0.1 – 0.3
moderate TLS 1.2 with forward secrecy 0.3 – 0.55
high TLS 1.2 without forward secrecy, or RSA key exchange 0.55 – 0.8
critical TLS 1.0 / 1.1, or self-signed with weak algo 0.8 – 1.0
006 — COMPATIBILITY SIGNALS

Fits into the security stacks teams already operate.

QuantumGenie is designed to sit alongside the systems security teams already use for endpoint, code, identity, and network visibility. These compatibility markers help position the platform inside a broader enterprise security workflow.

The logos below are shown as compatibility targets and ecosystem examples, not as product endorsements. The layout is intentionally ready for brand assets later, but already communicates the integration posture now.

SentinelOne

Endpoint and threat telemetry context

Pair cryptographic posture with endpoint-driven signals when teams need broader incident and asset visibility.

Microsoft Defender

Security operations alignment

Connect PQC readiness work to existing defender-led workflows, investigations, and enterprise control programs.

SonarQube

Code quality and remediation overlap

Support engineering teams that already review code findings and want cryptographic debt surfaced in a familiar workflow.

Palo Alto Networks

Network and infrastructure visibility

Extend posture conversations beyond public TLS into the broader network and infrastructure layers where crypto risk hides.

007 — START BUILDING

Protect your infrastructure today.

Deploy CipherScanTM agents and get full cryptographic visibility in minutes.

GET STARTED SCAN A SITE